Lotus Domino R5 prior to version 5.0.7 is subject to a denial of service attack. If numerous requests are made for MS DOS device names, ncgihttp.exe inappropriately handles them, resulting in the exhaustion of system resources.